Conventionally, a UIM card (user identify module card) including personal information, telephone number information, and the like is transferred between different portable terminals so that the information such as telephone numbers recorded on the UIM card is inherited and used in the portable terminal to which the UIM card is transferred. With the recent development of electronic money and the like, an IC chip for electronic money is installed in a portable terminal, and the IC chip in the portable terminal is used through contactless communication. In order to use an IC chip exclusively for a particular UIM card in a portable terminal through contactless communication and wired communication from an application program or the like, as shown in FIG. 10, it is necessary that a portable terminal 600 should include an SE (secure element) unit 601 storing and processing data, an application storage unit 606 storing an application that uses service data in the SE unit, a portable terminal-side UIM information storage unit 602 storing UIM information of a UIM card, an SE management unit 603 performing access restriction on the SE unit, an RF (radio frequency) unit 604 for performing contactless communication, and an antenna unit 605. On the other hand, a UIM card 500 inserted into the portable terminal 600 includes a card-side UIM information storage unit 501 storing UIM information that can identify itself. For example, Non-Patent Literature 1 describes that the SE unit 601 is included in the portable terminal 600.
In such a portable terminal 600, in order to implement services such as electronic money, it is necessary to perform an issuance process of registering service data in the SE unit 601 of the IC chip via an application that uses the IC chip in the portable terminal 600. This issuance process is, first, initiated when an issuance process activation flag is set on in the portable terminal 600 upon input operation by a user via an interface corresponding to the application performing an issuance process, upon downloading of an application program, or upon initial startup of an application program. When the issuance process activation flag is set on, the application program initiates communication with a device that performs an issuance process (for example, a server on a network or an authentication unit provided in the inside of the portable terminal itself) and performs the issuance process on the SE unit 601, including data registration and write into the SE unit.
The SE unit 601 stores data (hereinafter referred to as service data) obtained through the issuance process. Here, the portable terminal 600 has an attribute information file (hereinafter also referred to as ADF (Application Description File)) existing for each application. Information of an application and information about service data in the SE unit 601 corresponding to the application are stored in the ADF.
The portable terminal-side UIM information storage unit 602 stores UIM information that permits the use of the IC chip in the portable terminal 600.
The SE management unit 603 compares the UIM information stored in the card-side UIM information storage unit 501 of the UIM card 500 inserted into the portable terminal 600 with the UIM information stored in the portable terminal-side UIM information storage unit 602 and performs access restriction on the service data in the SE unit 601. For example, if the UIM card 500 different from the UIM information stored in the portable terminal-side UIM information storage unit 602 is inserted into the portable terminal 600, the use of the service data in the SE unit 601 that is specified by the ADF corresponding to each application is disabled. In this manner, it is possible to prevent the use of the service data in the SE unit 601 by the UIM card 500 other than the UIM card 500 originally permitted to use. In a case where a UIM card is not inserted into the portable terminal, access to the service data can be restricted, similarly.
When the application having finished the issuance process is deleted from the portable terminal 600, the corresponding ADF and the service data corresponding to the application in the SE unit are also deleted. Such a series of processes avoids a state in which the service data exists in the SE unit 601 and the data in the SE unit is available even though the application does not exist in the portable terminal.